Hello and thanks for reading.
When using a policy that has both the main signature and the second signature through EnorsingSupportingToken, is the ws-security.signature.validator called twice? The question comes after Colm's very useful example project cxf-x509-demo which illustrates the use of ws-security.signature.validator to register a custom signature validator (that also creates a Subject from the certificate..., but that's another thing.) In Colm's example there's just the EnorsingSupportingToken and its signature, no main signature. But i was wondering what happens if we have a policy that also generates a main signature, will the validator be called twice? How can we distinguish between the 2 calls to, for example, create the Subject only from the Endorsing certificate and not from the main certificate? Thanks. -- Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
